
12 - Modern Identity Patterns
Chris is joined by Christos Matskas — former Microsoft Premier Field Engineer, developer tools evangelist, and .NET identity expert — for a deep dive into modern identity patterns in the cloud. They cut through the confusion between Azure AD, Azure AD B2B, Azure AD B2C, and External Identities, explain why the network perimeter is no longer your security boundary, and make the case for letting battle-hardened libraries like MSAL do the heavy lifting rather than rolling your own auth. From eliminating secrets in ARM templates to Zero Trust principles, this episode lays a practical foundation for securing any cloud application.
What you’ll learn
- The difference between Azure AD, Azure AD B2B, Azure AD B2C, and External Identities — and which pattern fits your scenario
- Why the network perimeter is no longer your security boundary in the cloud, and how Zero Trust changes the equation
- The real cost of rolling your own authentication system — and how MSAL can replace weeks of work with minutes of integration
- How to eliminate secrets and credentials from ARM templates and source code using managed identities and service principals
- The insider perspective on real-world identity mistakes encountered during Azure Workload Optimisation engagements
- Where to go deeper: the 425Show community hours on Twitch, covering identity and developer tools in depth
Related Content

8 - Azure Security
Moving to Azure? Security has to come first. Chris is joined by cybersecurity expert Andrew Nathan to explore how organisations can build a strong security posture in the cloud — covering Azure Security Center and Secure Score, identity strategy (Azure AD vs. Azure RBAC), multi-factor authentication, threat modelling, Azure Policy and Management Groups for governance, and the evolution of security operations into red team/blue team war gaming. Whether you're starting your cloud journey or course-correcting an existing environment, this episode will help you understand where to begin and how to keep improving over time.

5 - The API Economy
APIs are the connective tissue of modern cloud architectures — but poor API design compounds into technical debt that is expensive to unwind. In this episode, Chris Reddington and Peter Piper explore the full lifecycle of API design: defining versioning contracts up front, modernising legacy APIs using the Strangler and Façade patterns, and securing APIs with JWT tokens, OAuth 2.0, and OIDC. They also cover Azure API Management patterns, circuit breakers, throttling, key rotation with Azure Key Vault, and the DevSecOps practices that keep an API estate healthy at scale.

2 - Cost Control
Moving to the cloud shifts infrastructure spend from capital expenditure (CapEx) to operational expenditure (OpEx)—but only if you think about cost correctly from the start. This episode covers the cloud cost mindset: right-sizing, auto-scaling (scale out vs scale up), compute resource consolidation, governance through resource tagging and policy, pricing calculators, reserved instances, and how to build cost awareness into your architecture from day one.